Privacy Policy
This policy explains how Axora Advisory collects, uses and protects personal data in connection with our website and services.
PRIVACY POLICY
Axora Advisory Pte Ltd
Effective Date: 3 May 2026
This Privacy Policy sets out how Axora Advisory Pte Ltd collects, uses, discloses and protects personal data in accordance with the Personal Data Protection Act 2012 (Singapore) and, where applicable, other applicable data protection laws.
Last updated: 3 May 2026
1. Who We Are
Axora Advisory Pte Ltd (UEN: 201219774K) is a company incorporated in Singapore providing professional advisory and business services.
Registered Address: 60 Paya Lebar Road, #06-33, Paya Lebar Square, Singapore 409051
For all privacy-related matters, please contact our Data Protection Officer in writing. Our contact details are available on our Website at www.axora-advisory.com.
2. Scope
This Privacy Policy applies to all visitors to our Website at www.axora-advisory.com, all existing, prospective and former clients and their authorised representatives, and any individual whose personal data we process in connection with our services.
If you are located in the European Economic Area (EEA) or United Kingdom, additional rights under the EU General Data Protection Regulation (GDPR) may apply to you.
3. Personal Data We Collect
3.1 Data You Provide
When you use our contact form or otherwise interact with us, we may collect your name, business email address, telephone number, company name and role, and the nature of your enquiry.
3.2 Data Collected Automatically
When you visit our Website, we or our third-party tools may automatically collect your IP address and approximate location, browser and device information, pages visited and session data, and cookie identifiers. We do not collect payment information through our Website.
3.3 Data Processed by Third-Party Tools
We use, or may from time to time use, third-party tools in the following categories: website analytics, customer relationship management, live chat and support, and email marketing. Each provider operates under appropriate data processing agreements. We do not name specific tools as these may change.
4. Purposes and Legal Basis
We process personal data for the following purposes:
- Responding to your enquiry — on the basis of pre-contractual steps at your request (GDPR Art. 6(1)(b)) and legitimate interest (PDPA).
- Providing and performing our services — on the basis of performing our contract with you (GDPR Art. 6(1)(b); PDPA).
- Sending marketing communications — on the basis of your consent (GDPR Art. 6(1)(a); PDPA).
- Website analytics and improvement — on the basis of legitimate interest (GDPR Art. 6(1)(f); PDPA), subject to cookie consent where required.
- Compliance with legal and regulatory obligations — on the basis of legal obligation (GDPR Art. 6(1)(c); PDPA).
- Prevention of fraud and security incidents — on the basis of legitimate interest and legal obligation (GDPR Art. 6(1)(c) and (f); PDPA).
5. Cookies
5.1 Current Position
At the date of this Privacy Policy, we do not actively deploy analytics, marketing or third-party cookies on our Website. Only strictly necessary cookies essential for basic Website functioning are in use. These do not collect personal data and do not require consent.
5.2 Future Cookies
As our Website develops, we may introduce cookies in the following categories:
- Strictly necessary — essential for the Website to function. No consent required.
- Analytics — to understand how visitors use our Website. Consent required.
- Functional — to enable features such as live chat. Consent required.
- Marketing and targeting — set by our communications partners. Consent required.
5.3 Managing Preferences
When we introduce non-essential cookies, a consent banner will appear on your first visit. You may update your preferences at any time via the Cookie Settings link in our Website footer, or through your browser settings.
6. Disclosure of Personal Data
We do not sell personal data. We may share it with:
- Our employees, contractors and professional advisors, on a need-to-know basis and subject to confidentiality obligations.
- Third-party service providers acting as data processors under appropriate data processing agreements.
- Regulatory, law enforcement or government authorities where required by applicable law, court order or legal process.
- Prospective buyers or advisors in connection with a merger, acquisition or restructuring of our business, subject to appropriate confidentiality obligations.
7. International Transfers
We are incorporated and operate in Singapore. Some of our third-party service providers are located outside Singapore. Where personal data is transferred outside Singapore, we take reasonable steps to ensure compliance with the PDPA's transfer limitation obligations.
Where we transfer personal data of EEA or UK individuals outside the EEA or UK, we rely on lawful transfer mechanisms recognised under the GDPR or UK GDPR, including Standard Contractual Clauses or adequacy decisions where applicable.
8. Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Our indicative retention periods are:
- Enquiry and contact data: 2 years from the date of last contact, unless the enquiry converts to a client engagement.
- Client engagement records (including accounting, financial and corporate secretarial records): 5 years from the end of the financial year in which the engagement is completed, in accordance with the Companies Act 1967 (Singapore) and applicable IRAS and ACRA requirements.
- Marketing data: until consent is withdrawn or the individual unsubscribes, after which we retain only a suppression record.
- Website analytics data: as configured in the relevant tool, typically no longer than 14 months.
Upon expiry of the applicable retention period, we will take reasonable steps to securely delete or irreversibly anonymise personal data.
9. Your Rights
9.1 Rights Under the PDPA
Under the PDPA, you have the right to access personal data we hold about you, correct inaccurate or incomplete personal data, and withdraw consent for collection, use or disclosure of your personal data, subject to legal or contractual restrictions and reasonable notice.
9.2 Additional Rights Under the GDPR (EEA and UK)
If you are located in the EEA or UK, you additionally have the right to request erasure of your personal data, request restriction of processing, receive your data in a portable format where processing is based on consent or contract, object to processing based on legitimate interests or for direct marketing, and not be subject to solely automated decision-making that produces significant legal effects on you.
To exercise any of these rights, contact our Data Protection Officer in writing using the contact details on our Website. We are required by law to respond within the prescribed timeframes. We may verify your identity before processing your request. There is no charge unless a request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or decline to act.
10. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration or destruction, including access controls, authentication and encryption of data in transit.
No method of internet transmission is completely secure. We cannot guarantee absolute security of data transmitted to or from our Website.
In the event of a notifiable personal data breach, we will notify the relevant regulatory authority and affected individuals within the timeframes prescribed by applicable law at the time of the breach.
11. Children
Our Website and services are directed at business professionals. We do not knowingly collect personal data from individuals under 18. If you believe we have inadvertently done so, please contact our Data Protection Officer in writing using the contact details on our Website and we will delete it promptly.
12. Third-Party Links
Our Website may contain links to third-party websites. We have no control over and are not responsible for their content or privacy practices.
13. Changes to This Policy
We may update this Privacy Policy at any time by posting the updated version on our Website with a revised effective date. Where changes are material, we will take reasonable steps to notify affected individuals.
14. Contact and Complaints
For any questions or concerns relating to this Privacy Policy or our data protection practices, please contact our Data Protection Officer in writing:
Axora Advisory Pte Ltd
Attn: Data Protection Officer
60 Paya Lebar Road, #06-33, Paya Lebar Square, Singapore 409051
Website: www.axora-advisory.com
We are required by law to acknowledge and respond to data protection requests within prescribed timeframes. If you are dissatisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore at www.pdpc.gov.sg.
If you are located in the EEA or UK, you also have the right to contact your national data protection supervisory authority.